Problem
After resetting a Windows User password in Computer Management from an Administrator account, you receive the following error dialog when trying to access the key-file from the User's profile:
Key not valid for use in specified state.
(Error 0x8009000B reported by "Windows System Error")
Cause
When forcing the Windows User's password to reset in Computer Management you will see this warning dialog:
A password reset is more complex than a password change because Windows stores certain User data inside a 'Master Key'. Because the Administrator is not logged on as the User in question, they do not have access to the User's old password. This means that the old password cannot be used to decrypt the old Master Key and re-encrypt it with the new password. As DESlock+ uses the Windows Cryptography API, resetting the password causes DESlock+ to lose access to the Master Key.
Solution
There are two ways to resolve this issue:
1. Revert the Windows password change back to the previous password
or
2. First reset the activation state of the Workstation and then activate the User again. This will set the key-file to the new Windows password. See these articles for more information:
KB383 - How to reset the activation process of a managed client
KB216 - How do I activate a new client (Enterprise Server v2.5.2 or later)?
Reactie toevoegen
Log in of registreer om een reactie te plaatsen.